Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OjVSvEi4Ac7d2ZbVUcTC7qnWy0g.roa
File: OjVSvEi4Ac7d2ZbVUcTC7qnWy0g.roa (raw, json)
Hash identifier: WEL4wau2n1DVS+uTVnqY7ruw/ZlSLRs5sVFG2M+Cg9w=
Subject key identifier: 3A:35:52:BC:48:B8:01:CE:DD:D9:96:D5:51:C4:C2:EE:A9:D6:CB:48
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01860BDEBE77ED31DC85C9986BB600CB0E81
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OjVSvEi4Ac7d2ZbVUcTC7qnWy0g.roa
Signing time: Wed 01 Feb 2023 07:26:32 +0000
ROA not before: Wed 01 Feb 2023 07:26:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8772
IP address blocks: 2a0a:1400::/29 maxlen: 29
2a0f:e040::/29 maxlen: 29
2a0f:2100::/29 maxlen: 29
2a0c:9240::/29 maxlen: 29
2a0f:8300::/29 maxlen: 29
2a0f:8100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0b:de:be:77:ed:31:dc:85:c9:98:6b:b6:00:cb:0e:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 1 07:26:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a3552bc48b801ceddd996d551c4c2eea9d6cb48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0a:2c:34:20:c9:6e:7c:61:6d:11:6e:c6:73:
ac:1a:4c:0e:cd:3d:47:e1:33:18:f2:29:ee:70:c4:
58:85:b1:5c:55:f2:f6:6a:ea:4a:4d:e4:e7:44:52:
6f:0b:da:a2:a2:dd:ff:d4:67:78:4d:3a:7f:a8:df:
67:8d:b2:81:47:3b:d9:53:94:d2:a1:85:77:3f:52:
1d:73:d9:1f:e5:09:2f:34:99:0c:bb:8d:56:a8:7b:
91:dc:08:30:99:30:49:10:af:79:5c:8a:62:cb:13:
ba:83:5f:da:be:f4:5b:1b:57:81:66:ef:a2:cd:45:
83:ee:1a:17:bc:84:b4:45:ec:5c:56:e6:c1:80:c4:
56:c6:d4:76:09:f1:6a:c8:d2:5d:88:7c:77:a7:22:
98:01:2f:62:89:3f:f3:30:1b:f5:50:eb:51:12:9d:
40:f0:d0:04:b6:7b:42:98:8c:ef:fe:00:ef:7d:04:
6d:33:ce:7f:d5:f1:ad:48:b0:2c:5c:59:f5:2a:f6:
ee:de:f5:a0:2d:7e:7b:ed:62:a7:16:c6:65:1f:14:
fc:c3:4d:11:74:53:21:94:67:29:01:18:20:9a:2a:
5a:d1:00:60:2f:b1:57:0f:8c:e1:3b:77:62:71:13:
58:b8:d6:b0:56:8e:e1:a6:5c:1a:32:49:42:06:ed:
9b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:35:52:BC:48:B8:01:CE:DD:D9:96:D5:51:C4:C2:EE:A9:D6:CB:48
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OjVSvEi4Ac7d2ZbVUcTC7qnWy0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1400::/29
2a0c:9240::/29
2a0f:2100::/29
2a0f:8100::/29
2a0f:8300::/29
2a0f:e040::/29
Signature Algorithm: sha256WithRSAEncryption
bd:a8:34:7a:da:83:90:1e:76:d8:34:3c:45:82:09:f6:37:9e:
1b:66:1e:d4:06:17:d4:74:79:e3:84:2d:24:3e:5b:32:a2:cd:
bc:a6:69:03:3b:bf:53:d3:ec:63:63:8b:d0:30:10:2e:52:50:
46:b2:99:b1:5d:bd:29:f6:1b:92:27:44:9d:d6:50:dd:06:3e:
31:fc:6a:69:c9:6e:72:b5:8a:f7:73:c1:26:26:72:67:53:b9:
e6:f7:62:b6:11:c2:b4:9d:ec:ef:71:05:0e:bc:7c:66:6c:70:
d0:98:23:40:b0:6f:d4:ab:fb:69:dc:0f:9b:f5:b6:8a:2d:e2:
6f:d3:9a:0d:2f:36:07:bc:88:ef:59:6d:34:50:68:5f:fe:9c:
3d:a7:e7:b3:92:42:6b:9a:68:df:44:60:a9:57:5a:f4:c5:7f:
01:e9:9b:0d:9a:c7:8b:38:b5:01:ab:f0:21:d5:74:a0:1c:69:
85:6e:63:69:e1:93:bb:35:53:ff:85:df:e1:39:44:8c:09:31:
a1:d5:54:e2:d8:49:08:c3:fd:09:d0:c3:41:e2:7e:e2:71:c8:
3b:ea:c7:28:d0:c8:e9:4d:d7:5c:fb:62:20:5b:de:5e:13:ad:
3e:bd:7a:7d:cc:af:b9:b9:22:b1:fa:75:49:8e:92:33:dd:a2:
57:b4:a8:14
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYYL3r537THchcmYa7YAyw6BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMjAxMDcyNjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTM1NTJiYzQ4YjgwMWNlZGRkOTk2ZDU1MWM0YzJlZWE5ZDZjYjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQosNCDJbnxhbRFuxnOsGkwOzT1H
4TMY8inucMRYhbFcVfL2aupKTeTnRFJvC9qiot3/1Gd4TTp/qN9njbKBRzvZU5TS
oYV3P1Idc9kf5QkvNJkMu41WqHuR3AgwmTBJEK95XIpiyxO6g1/avvRbG1eBZu+i
zUWD7hoXvIS0RexcVubBgMRWxtR2CfFqyNJdiHx3pyKYAS9iiT/zMBv1UOtREp1A
8NAEtntCmIzv/gDvfQRtM85/1fGtSLAsXFn1Kvbu3vWgLX577WKnFsZlHxT8w00R
dFMhlGcpARggmipa0QBgL7FXD4zhO3dicRNYuNawVo7hplwaMklCBu2b7QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDo1UrxIuAHO3dmW1VHEwu6p1stIMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvT2pWU3ZFaTRBYzdkMlpiVlVjVEM3cW5XeTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgoUAAMF
AyoMkkADBQMqDyEAAwUDKg+BAAMFAyoPgwADBQMqD+BAMA0GCSqGSIb3DQEBCwUA
A4IBAQC9qDR62oOQHnbYNDxFggn2N54bZh7UBhfUdHnjhC0kPlsyos28pmkDO79T
0+xjY4vQMBAuUlBGspmxXb0p9huSJ0Sd1lDdBj4x/GppyW5ytYr3c8EmJnJnU7nm
92K2EcK0nezvcQUOvHxmbHDQmCNAsG/Uq/tp3A+b9baKLeJv05oNLzYHvIjvWW00
UGhf/pw9p+ezkkJrmmjfRGCpV1r0xX8B6ZsNmseLOLUBq/Ah1XSgHGmFbmNp4ZO7
NVP/hd/hOUSMCTGh1VTi2EkIw/0J0MNB4n7iccg76sco0MjpTddc+2IgW95eE60+
vXp9zK+5uSKx+nVJjpIz3aJXtKgU
-----END CERTIFICATE-----
Generated at Thu May 8 14:12:51 2025 by rpki-client